scmanjarrez / cvescannerv2
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
License: GNU General Public License v3.0
This is the error when running nmap in debug mode:
NSE: [GetaSploit 192.168.0.184:21] Nmap detection worked.
NSE: [GetaSploit 192.168.0.184:21] Nmap detection: cpe => cpe:/a:vsftpd:vsftpd:3.0.3 | version => 3.0.3
NSE: [GetaSploit 192.168.0.184:21] CVEScannerV2 detection worked.
NSE: [GetaSploit 192.168.0.184:21] CVEScannerV2 detection: product => vsftpd | version => 3.0.3 | vupdate => * | range_from => nil | range_to => nil
NSE: GetaSploit against 192.168.0.184:21 threw an error!
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:511: attempt to index a nil value (local 'cur')
stack traceback:
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:511: in upvalue 'vulnerabilities'
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:574: in upvalue 'nmap_analysis'
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:693: in function </usr/bin/../share/nmap/scripts/CVEScannerV2.nse:668>
(...tail calls...)
The OS is "22.04.1 LTS (Jammy Jellyfish)"
I've tried multiple Operating Systems and builds and they all have the same issue.
Can you please shed some light on what is causing this error?
Thanks in advance
On one of my assets, I saw that Nmap recognized Mailenable version 10.3, but CVEScannerV2 printed some CVEs that were all fixed in Mailenable 8.6. How can we solve this to get a better match based on product version?
Here is the output:
"cvescannerv2": "\n product: mailenable\n version: 10.43\n vupdate: *\n cves: 7\n \tCVE ID \tCVSSv2\tCVSSv3\tExploitDB \tMetasploit\n \tCVE-2007-0955 \t7.8 \t- \tNo \tNo \n \tCVE-2015-9277 \t7.5 \t9.1 \tNo \tNo \n \tCVE-2015-9280 \t5.0 \t10.0 \tNo \tNo \n \tCVE-2010-2580 \t5.0 \t- \tNo \tNo \n \tCVE-2015-9278 \t5.0 \t9.8 \tNo \tNo \n \tCVE-2015-9279 \t4.3 \t6.1 \tNo \tNo \n \tCVE-2012-0389 \t4.3 \t- \tYes \tNo \n ",
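
A way to post-filter candidate CVEs by affected-version range before reporting them, as an added example that is not part of the original issue and not the project's own code. The field names `exact`, `range_from` and `range_to` mirror the debug output shown on this page; their semantics (inclusive start, exclusive end), the candidate rows and the placeholder IDs are assumptions constructed for illustration.

```python
import re

def vkey(version):
    """Turn '10.43' into (10, 43) so comparison is numeric, not lexicographic."""
    return tuple(int(p) for p in re.findall(r"\d+", version))

def affects(detected, exact=None, range_from=None, range_to=None):
    """True/False when the entry carries version data, None when it has none.

    Assumed semantics: range_from is inclusive, range_to is exclusive,
    exact names a single affected version.
    """
    d = vkey(detected)
    if exact is not None:
        return d == vkey(exact)
    if range_from is None and range_to is None:
        return None  # wildcard entry: the version alone cannot confirm it
    if range_from is not None and d < vkey(range_from):
        return False
    if range_to is not None and d >= vkey(range_to):
        return False
    return True

# Constructed candidate rows; the IDs are placeholders, not real CVEs.
CANDIDATES = [
    {"id": "CVE-EXAMPLE-0001", "range_to": "8.6"},
    {"id": "CVE-EXAMPLE-0002", "range_from": "10.0", "range_to": "10.50"},
    {"id": "CVE-EXAMPLE-0003", "exact": "10.43"},
    {"id": "CVE-EXAMPLE-0004"},
]

def triage(detected, candidates=CANDIDATES):
    """Split candidates into confirmed, rejected and unverified lists of IDs."""
    out = {"confirmed": [], "rejected": [], "unverified": []}
    names = {True: "confirmed", False: "rejected", None: "unverified"}
    for row in candidates:
        verdict = affects(detected, row.get("exact"),
                          row.get("range_from"), row.get("range_to"))
        out[names[verdict]].append(row["id"])
    return out

if __name__ == "__main__":
    print(triage("10.43"))
    # Plain string comparison orders these versions the wrong way round.
    print("10.43" < "8.6", vkey("10.43") < vkey("8.6"))
```

Entries that land in `unverified` carry no version bound at all, so they need a manual check against the vendor advisory rather than automatic reporting.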
Hello there, I don't know why, but I get the cvescannerv2 output with duplication. Why does it mention the CVEs three times?
root@ubuntu20:/usr/share/nmap/scripts# nmap -sV --script default,banner-plus.nse,ssl-cert,ssl-date,ssl-enum-ciphers,cvescannerv2 xxx -p 443,80,444 -Pn
Starting Nmap 7.80 ( https://nmap.org ) at 2023-09-05 13:50 +0330
NSE: [cvescannerv2] Timestamp: 2023-09-05T10:20:45+00:00
NSE: [cvescannerv2] CVE data source: nvd.nist.gov
NSE: [cvescannerv2] Script version: 3.0
Nmap scan report for xxxx
Host is up (0.085s latency).
PORT STATE SERVICE VERSION
80/tcp open http nginx 1.18.0 (Ubuntu)
| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
443/tcp open ssl/http nginx 1.18.0 (Ubuntu)
| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|_
444/tcp open ssl/http nginx 1.18.0 (Ubuntu)
| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|_
|
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 68.58 seconds
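
A downstream way to collapse repeated cvescannerv2 blocks when consuming scan output, as an added example that is not part of the original issue and not the project's own code. It does not address why the script emits the block more than once; the sample text is constructed, modelled on the output above, and the function name is hypothetical.

```python
# Constructed sample modelled on the script output shown in the issue.
SAMPLE = """\
| cvescannerv2:
|   product: nginx
|   version: 1.18.0
|   vupdate: *
|   cves: 2
|   CVE ID          CVSSv2  CVSSv3  ExploitDB  Metasploit
|   CVE-2021-23017  6.8     7.7     No         No
|   CVE-2021-3618   5.8     7.4     No         No
|
|   product: nginx
|   version: 1.18.0
|   vupdate: *
|   cves: 2
|   CVE ID          CVSSv2  CVSSv3  ExploitDB  Metasploit
|   CVE-2021-23017  6.8     7.7     No         No
|   CVE-2021-3618   5.8     7.4     No         No
|_
"""

def unique_findings(script_output):
    """Parse cvescannerv2 output and return each distinct block once."""
    blocks, current = [], None
    for raw in script_output.splitlines():
        line = raw.lstrip("|_ \t").strip()  # drop Nmap's tree prefix
        if line.startswith("product:"):
            current = {"product": line.split(":", 1)[1].strip(),
                       "version": None, "cves": []}
            blocks.append(current)
        elif current is not None and line.startswith("version:"):
            current["version"] = line.split(":", 1)[1].strip()
        elif current is not None and line.startswith("CVE-"):
            current["cves"].append(line.split()[0])  # first column is the ID
    seen, unique = set(), []
    for block in blocks:
        key = (block["product"], block["version"], tuple(sorted(block["cves"])))
        if key not in seen:  # keep the first copy, skip identical repeats
            seen.add(key)
            unique.append(block)
    return unique

if __name__ == "__main__":
    for finding in unique_findings(SAMPLE):
        print(finding)
```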
Hello world,
I got this error
Python.3.9_3.9.2544.0_x64__qbz5n2kfra8p0\lib\encodings\cp1252.py", line 23, in decode
return codecs.charmap_decode(input,self.errors,decoding_table)[0]
UnicodeDecodeError: 'charmap' codec can't decode byte 0x9d in position 20988183: character maps to <undefined>
Any support?
Hi there, I've tried to create the cve.db daily ... but database.py has an error. Please help me figure it out.
Here is the error:
database-updater_1 |
database-updater_1 | CVEScannerV2 Copyright (C) 2022-2023 Sergio Chica Manjarrez @ pervasive.it.uc3m.es.
database-updater_1 | Universidad Carlos III de Madrid.
database-updater_1 | This program comes with ABSOLUTELY NO WARRANTY; for details check below.
database-updater_1 | This is free software, and you are welcome to redistribute it
database-updater_1 | under certain conditions; check below for details.
database-updater_1 |
database-updater_1 | [*] Updating database...
database-updater_1 | Traceback (most recent call last):
database-updater_1 | File "/app/database.py", line 694, in <module>
database-updater_1 | update_db(args, thread_objs, populate=not Path(args.database).is_file())
database-updater_1 | File "/app/database.py", line 517, in update_db
database-updater_1 | last = db.cached_metadata()
database-updater_1 | File "/app/database.py", line 196, in cached_metadata
database-updater_1 | return self.cursor.fetchone()[0]
database-updater_1 | TypeError: 'NoneType' object is not subscriptable
Here is my Dockerfile:
FROM python:3.9
RUN apt-get update && apt-get install -y sqlite3 jq curl
WORKDIR /app
COPY . .
RUN pip install -r requirements.txt
RUN echo "$API_KEY" > .api
CMD ["python3", "database.py"]
Or be able to use a proxy
Greetings! The script does not find vulnerabilities CVE-2010-2730, CVE-2010-3972 and CVE-2010-1899. On the port, the Microsoft server is IIS/7.5.
nmap -sV --script ./cvescannerv2.nse X.X.X.X -d -vvv
Starting Nmap 7.80 ( https://nmap.org ) at 2024-03-05 15:04 +07
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI:
NSE: Loaded 46 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:04
NSE: Starting cvescannerv2.
NSE: [cvescannerv2] Timestamp: 2024-03-05T08:04:20+00:00
NSE: [cvescannerv2] CVE data source: nvd.nist.gov
NSE: [cvescannerv2] Script version: 3.1.2
NSE: Finished cvescannerv2.
Completed NSE at 15:04, 0.01s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:04
Completed NSE at 15:04, 0.00s elapsed
Initiating Ping Scan at 15:04
Scanning X.X.X.X [2 ports]
Completed Ping Scan at 15:04, 0.37s elapsed (1 total hosts)
Overall sending rates: 5.40 packets / s.
mass_rdns: Using DNS server 127.0.0.53
Initiating Parallel DNS resolution of 1 host. at 15:04
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 15:04, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 15:04
Scanning X.X.X.X [1000 ports]
Discovered open port 110/tcp on X.X.X.X
Discovered open port 25/tcp on X.X.X.X
Discovered open port 80/tcp on X.X.X.X
Completed Connect Scan at 15:04, 20.93s elapsed (1000 total ports)
Overall sending rates: 95.92 packets / s.
Initiating Service scan at 15:04
Scanning 3 services on X.X.X.X
Completed Service scan at 15:04, 14.85s elapsed (3 services on 1 host)
NSE: Script scanning X.X.X.X.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:04
NSE: Starting cvescannerv2 against X.X.X.X:25.
NSE: Finished cvescannerv2 against X.X.X.X:25.
NSE: Starting cvescannerv2 against X.X.X.X.
NSE: Finished cvescannerv2 against X.X.X.X.
NSE: Starting vmware-version against X.X.X.X:80.
NSE: Starting https-redirect against X.X.X.X:80.
NSE: Starting hnap-info against X.X.X.X:80.
NSE: Starting cvescannerv2 against X.X.X.X:110.
NSE: Finished cvescannerv2 against X.X.X.X:110.
NSE: Starting cvescannerv2 against X.X.X.X:80.
NSE: [cvescannerv2 X.X.X.X:80] nmap cpe: cpe:/a:microsoft:iis:7.5 | version: 7.5
NSE: Starting http-trane-info against X.X.X.X:80.
NSE: [cvescannerv2 X.X.X.X:80] http.request socket error: The script encountered an error:
- ssl failed:
- Failed to connect:
- Could not connect:
- TIMEOUT
NSE: [cvescannerv2 X.X.X.X:80] Error processing request http://X.X.X.X:80/ => Error creating socket.
NSE: [cvescannerv2 X.X.X.X:80] cpe => cpe:/a:microsoft:iis:7.5 | version => 7.5
NSE: [cvescannerv2 X.X.X.X:80] product => iis | version => 7.5
NSE: Finished cvescannerv2 against X.X.X.X:80.
NSE: [vmware-version X.X.X.X:80] Couldn't download file: /sdk
NSE: Finished vmware-version against X.X.X.X:80.
NSE: Finished https-redirect against X.X.X.X:80.
NSE: [hnap-info X.X.X.X:80] HTTP: Host returns proper 404 result.
NSE: [http-trane-info X.X.X.X:80] HTTP: Host returns proper 404 result.
NSE: Finished hnap-info against X.X.X.X:80.
NSE: Finished http-trane-info against X.X.X.X:80.
Completed NSE at 15:05, 2.95s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:05
NSE: Starting http-server-header against X.X.X.X:80.
NSE: Finished http-server-header against X.X.X.X:80.
Completed NSE at 15:05, 1.75s elapsed
Nmap scan report for X.X.X.X
Host is up, received syn-ack (0.35s latency).
Scanned at 2024-03-05 15:04:20 +07 for 41s
Not shown: 997 filtered ports
Reason: 997 no-responses
PORT STATE SERVICE REASON VERSION
25/tcp open smtp syn-ack hMailServer smtpd
80/tcp open http syn-ack Microsoft IIS httpd 7.5
|_http-server-header: Microsoft-IIS/7.5
|_cvescannerv2:
110/tcp open pop3 syn-ack hMailServer pop3d
Service Info: Host: A8W12.ru; OS: Windows; CPE: cpe:/o:microsoft:windows
Final times for host: srtt: 348779 rttvar: 48079 to: 541095
NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:05
NSE: Starting cvescannerv2.
NSE: Finished cvescannerv2.
Completed NSE at 15:05, 0.00s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:05
Completed NSE at 15:05, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-payloads nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 41.19 seconds